package aQute.openapi.provider.cors;

import aQute.lib.strings.Strings;
import aQute.libg.glob.Glob;
import aQute.openapi.provider.CORS;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;

/* loaded from: input_file:aQute/openapi/provider/cors/CORSImplementation.class */
public class CORSImplementation implements CORS {
    Set<Glob> listOfOrigins;
    Set<String> listOfExposedHeaders;
    Set<Glob> listOfHeaders;
    boolean supportCredentials;
    int maxAge;
    Logger logger;

    public CORSImplementation(Logger logger, String[] strArr, String[] strArr2, String[] strArr3, boolean z, int i) {
        this.listOfOrigins = new HashSet();
        this.listOfExposedHeaders = new HashSet();
        this.listOfHeaders = new HashSet();
        this.supportCredentials = false;
        this.logger = logger;
        this.listOfOrigins = toGlobs(strArr);
        this.listOfExposedHeaders = strArr2 == null ? Collections.emptySet() : (Set) Stream.of((Object[]) strArr2).collect(Collectors.toSet());
        this.listOfHeaders = toGlobs(strArr3);
        this.supportCredentials = z;
        this.maxAge = i;
    }

    @Override // aQute.openapi.provider.CORS
    public boolean fixup(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader("Origin");
        if (header == null) {
            this.logger.debug("{} no expected Origin header set", this);
            return false;
        }
        if (!this.listOfOrigins.isEmpty() && !in(this.listOfOrigins, header)) {
            this.logger.warn("{} Invalid origin {}, allowed {}", new Object[]{this, header, this.listOfOrigins});
            return false;
        }
        String header2 = httpServletResponse.getHeader("Access-Control-Allow-Origin");
        if (this.supportCredentials) {
            if (header2 == null) {
                httpServletResponse.addHeader("Access-Control-Allow-Origin", header);
            }
            if (httpServletResponse.getHeader("Access-Control-Allow-Credentials") == null) {
                httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");
            }
        } else if (header2 == null) {
            httpServletResponse.addHeader("Access-Control-Allow-Origin", header);
        }
        if (this.listOfExposedHeaders.isEmpty()) {
            return true;
        }
        Iterator<String> it = this.listOfExposedHeaders.iterator();
        while (it.hasNext()) {
            httpServletResponse.addHeader("Access-Control-Expose-Headers", it.next());
        }
        return true;
    }

    @Override // aQute.openapi.provider.CORS
    public boolean doOptions(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) throws IOException {
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            return preflight(httpServletRequest, httpServletResponse, strArr);
        }
        return false;
    }

    private boolean preflight(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) throws IOException {
        String header = httpServletRequest.getHeader("Origin");
        if (header == null) {
            this.logger.debug("{} no expected Origin header set", httpServletRequest);
            return false;
        }
        if (!this.listOfOrigins.isEmpty() && !in(this.listOfOrigins, header)) {
            this.logger.warn("{} Invalid origin {}, allowed {}", new Object[]{httpServletRequest, header, this.listOfOrigins});
            return false;
        }
        String header2 = httpServletRequest.getHeader("Access-Control-Request-Method");
        if (header2 == null) {
            this.logger.warn("{} Missing expected CORS header  Access-Control-Request-Method", httpServletRequest);
            httpServletResponse.setStatus(400);
            return true;
        }
        if (!Strings.in(strArr, header2.trim().toUpperCase())) {
            this.logger.warn("{} Not an allowed method {}", httpServletRequest, header2);
            httpServletResponse.setStatus(400);
            return true;
        }
        String header3 = httpServletRequest.getHeader("Access-Control-Request-Headers");
        List<String> emptyList = header3 == null ? Collections.emptyList() : Strings.split(header3.toLowerCase());
        for (String str : emptyList) {
            if (!in(this.listOfHeaders, str)) {
                this.logger.warn("{} Not an allowed header {}, allowed {}", new Object[]{httpServletRequest, str, this.listOfHeaders});
                httpServletResponse.setStatus(400);
                return true;
            }
        }
        if (this.supportCredentials) {
            httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        }
        if (this.maxAge > 0) {
            httpServletResponse.setIntHeader("Access-Control-Max-Age", this.maxAge);
        }
        Arrays.sort(strArr);
        httpServletResponse.setHeader("Access-Control-Allow-Methods", Strings.join(strArr));
        boolean allMatch = emptyList.stream().allMatch(this::isSimpleHeader);
        boolean z = !emptyList.contains("content-type");
        if (!allMatch && z) {
            httpServletResponse.setHeader("Access-Control-Allow-Headers", Strings.join(emptyList));
        }
        httpServletResponse.setStatus(204);
        return true;
    }

    private boolean in(Set<Glob> set, String str) {
        Iterator<Glob> it = set.iterator();
        while (it.hasNext()) {
            if (it.next().matcher(str).matches()) {
                return true;
            }
        }
        return false;
    }

    private boolean isSimpleHeader(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1423461112:
                if (str.equals("accept")) {
                    z = false;
                    break;
                }
                break;
            case -1229727188:
                if (str.equals("content-language")) {
                    z = 2;
                    break;
                }
                break;
            case 785670158:
                if (str.equals("content-type")) {
                    z = 3;
                    break;
                }
                break;
            case 802785917:
                if (str.equals("accept-language")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
            case true:
            case true:
                return true;
            default:
                return false;
        }
    }

    private Set<Glob> toGlobs(String[] strArr) {
        return (Set) Stream.of((Object[]) strArr).map(Glob::new).collect(Collectors.toSet());
    }
}
